search
menu
icon-carat-right
cmu-wordmark
×
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Carnegie Mellon University
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.
Software Engineering Institute
CERT Coordination Center
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Home
Current:
Notes
CERT/CC Vulnerability Notes Database
Published
Public
Updated
ID
CVSS
Title
2024-03-07
2024-03-07
2024-03-18
VU#949046
Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file upload attacks
2024-03-14
2024-03-14
2024-03-15
VU#488902
CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions
2022-11-01
2022-11-01
2024-03-08
VU#794340
OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
2022-08-11
2022-08-11
2024-03-04
VU#309662
Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
2021-01-19
2021-01-19
2024-03-04
VU#434904
Dnsmasq is vulnerable to memory corruption and cache poisoning
2023-12-06
2023-12-06
2024-03-04
VU#811862
Image files in UEFI can be abused to modify boot behavior
2024-01-16
2024-01-16
2024-03-04
VU#132380
Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
2021-12-15
2021-11-29
2024-03-04
VU#930724
Apache Log4j allows insecure JNDI lookups
2023-02-28
2023-02-28
2024-03-04
VU#782720
TCG TPM2.0 implementations vulnerable to memory corruption
2024-01-16
2024-01-16
2024-01-31
VU#302671
SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies
2024-01-16
2024-01-16
2024-01-17
VU#446598
GPU kernel implementations susceptible to memory leak
2023-09-12
2023-09-12
2023-11-16
VU#347067
Multiple BGP implementations are vulnerable to improperly formatted BGP updates
2023-09-06
2023-09-06
2023-09-06
VU#304455
Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router
2023-08-28
2023-08-28
2023-08-28
VU#757109
Groupnotes Inc. Videostream Mac client allows for privilege escalation to root account
2023-08-16
2023-08-16
2023-08-16
VU#287122
Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process
Previous
You're on page
1
2
3
4
239
Next
Sponsored by
CISA.
Download PGP Key
Read CERT/CC Blog
Learn about Vulnerability Analysis